Web Browser & Security

Web browser

A web browser is a software application that enables a user to display and interact with text, images, videos, music and other information typically located on a Web page at a website on the World Wide Web or a local area network. Text and images on a Web page can contain hyperlinks to other Web pages at the same or different website. Web browsers allow a user to quickly and easily access information provided on many Web pages at many websites by traversing these links. Web browsers format HTML information for display, so the appearance of a Web page may differ between browsers.

Some of the Web browsers available for personal computers include Internet Explorer, Mozilla Firefox, Safari, Opera, and Netscape in order of descending popularity (in August 2006).^[1] Web browsers are the most commonly used type of HTTP user agent. Although browsers are typically used to access the World Wide Web, they can also be used to access information provided by Web servers in private networks or content in file systems.

Web browsers communicate with Web servers primarily using HTTP (hypertext transfer protocol) to fetch webpages. HTTP allows Web browsers to submit information to Web servers as well as fetch Web pages from them. The most commonly used HTTP is HTTP/1.1, which is fully defined in RFC 2616. HTTP/1.1 has its own required standards that Internet Explorer does not fully support, but most other current-generation Web browsers do.

Pages are located by means of a URL (uniform resource locator, RFC 1738 ), which is treated as an address, beginning with http: for HTTP access. Many browsers also support a variety of other URL types and their corresponding protocols, such as gopher: for Gopher (a hierarchical hyperlinking protocol), ftp: for FTP (file transfer protocol), rtsp: for RTSP (real-time streaming protocol), and https: for HTTPS (an SSL encrypted version of HTTP).

The file format for a Web page is usually HTML (hyper-text markup language) and is identified in the HTTP protocol using a MIME content type. Most browsers natively support a variety of formats in addition to HTML, such as the JPEG, PNG and GIF image formats, and can be extended to support more through the use of plugins. The combination of HTTP content type and URL protocol specification allows Web page designers to embed images, animations, video, sound, and streaming media into a Web page, or to make them accessible through the Web page.

Early Web browsers supported only a very simple version of HTML. The rapid development of proprietary Web browsers led to the development of non-standard dialects of HTML, leading to problems with Web interoperability. Modern Web browsers support a combination of standards- and defacto-based HTML and XHTML, which should display in the same way across all browsers. No browser fully supports HTML 4.01, XHTML 1.x or CSS 2.1 yet. Currently many sites are designed using WYSIWYG HTML generation programs such as Macromedia Dreamweaver or Microsoft FrontPage. These often generate non-standard HTML by default, hindering the work of the W3C in developing standards, specifically with XHTML and CSS (cascading style sheets, used for page layout).

Some of the more popular browsers include additional components to support Usenet news, IRC (Internet relay chat), and e-mail. Protocols supported may include NNTP (network news transfer protocol), SMTP (simple mail transfer protocol), IMAP (Internet message access protocol), and POP (post office protocol). These browsers are often referred to as Internet suites or application suites rather than merely Web browsers.

HISTORY

One important person in the early design and evolution of the browser was Neil Larson who in 1977 created a TRS-80 program that displayed outlines a level at a time with hypertext jumps between levels. In 1984, expanding on ideas from futurist Ted Nelson, his commercial DOS Maxthink outline program added angle bracket hypertext jumps (adopted by later web browsers) to and from ASCII, batch, and other Maxthink files up to 32 levels deep. In 1986 he released his DOS Houdini network browser program that supported 2500 topics cross-connected with 7500 links in each file along with hypertext links among unlimited numbers of external ASCII, batch, and other Houdini files.

In 1987, these capabilites were included in his then popular shareware DOS file browser programs HyperRez (memory resident) and PC Hypertext (which also added jumps to programs, editors, graphic files containing hot spots jumps, and cross-linked theraurus/glossary files). These programs introduced many to the browser concept and 20 years later, Google still lists 3,000,000 references to PC Hypertext. In 1989, he created both HyperBBS and HyperLan which both allow multiple users to create/edit both topics and jumps for information and knowledge annealing which in concept, the columnist, John C.Dvorak says predated Wiki by many years.

From 1987 on, he also created TransText (hypertext word processor) and many utilities for rapidly building large scale knowledge systems ... and in 1989 helped produce for one of the big eight accounting firms a comprehensive knowledge system of integrating all accounting laws/regulations into a CDROM containing 50,000 files with 200,000 hypertext jumps. Additionally, the Lynx (a very early web-based browser) development history notes their project origin was based on the browser concepts from Neil Larson and Maxthink. In 1989, he declined joining the MOSAIC browser team with his preference for knowledge/wisdom creation over distributing information ... a problem still not solved by today's internet.

Another early browser, Silversmith, was created by John Bottoms in 1987.^[3] The browser, based on SGML tags, used a tag set from the Electronic Document Project of the AAP with minor modifications and was sold to a number of early adopters. At the time SGML was used exclusively for the formatting of printed documents. The use of SGML for electronically displayed documents signaled a shift in electronic publishing and was met with considerable resistance. Silversmith included an integrated indexer, full text searches, hypertext links between images text and sound using SGML tags and a return stack for use with hypertext links. It included features that are still not available in today's browsers. These include capabilities such as the ability to restrict searches within document structures, searches on indexed documents using wild cards and the ability to search on tag attribute values and attribute names. SGML-FAQ US Patent

Starting in 1988, Peter Scott and Earle Fogel expanded the earlier HyperRez concept in creating Hytelnet which added jumps to telnet sites ... and which by 1990 offered users instant logon and access to the online catalogs of over 5000 libraries around the world. The strength of Hytelnet was speed and simplicity in link creation/execution at the expense of a centralized world wide source for adding, indexing, and modifying telnet links. This problem was solved by the invention of the web server.

A NeXTcube was used by Tim Berners-Lee (who pioneered the use of hypertext for sharing information) as the world's first Web server, and also an early Web browser, WorldWideWeb in 1990. Berners-Lee introduced it to colleagues at CERN in March 1991. Since then the development of Web browsers has been inseparably intertwined with the development of the Web itself.

In April 1990, a draft patent application for a mass market consumer device for browsing pages via links "PageLink" was proposed by Craig Cockburn at Digital Equipment Co Ltd (DEC) whilst working in their Networking and Communications division in Reading, England. This application for a keyboardless touch screen browser for consumers also makes reference to "navigating and searching text" and "bookmarks" was aimed at (quotes paraphrased) "replacing books", "storing a shopping list" "have an updated personalised newspaper updated round the clock", "dynamically updated maps for use in a car" and suggests such a device could have a "profound effect on the advertising industry". The patent was canned by Digital as too futuristic and, being largely hardware based, had obstacles to market that purely software driven approaches did not suffer from.

In 1992, Tony Johnson releases the MidasWWW browser. Based on Motif/X, MidasWWW allows viewing of PostScript files on the Web from Unix and VMS, and even handles compressed PostScript. [1]

Another early popular Web browser was ViolaWWW, which was modeled after HyperCard. However, the explosion in popularity of the Web was triggered by NCSA Mosaic which was a graphical browser running originally on Unix but soon ported to the Apple Macintosh and Microsoft Windows platforms. Version 1.0 was released in September 1993, and was dubbed the killer application of the Internet. Marc Andreessen, who was the leader of the Mosaic team at NCSA, quit to form a company that would later be known as Netscape Communications Corporation. Netscape released its flagship Navigator product in October 1994, and it took off the next year.

Microsoft, which had thus far not marketed a browser (in fact even as late as 1995 Bill Gates dismissed personal use of the World Wide Web as a passing fad)^{[citation needed]}, finally entered the fray with its Internet Explorer product, purchased from Spyglass, Inc. This began what is known as the browser wars, the fight for the Web browser market between Microsoft and Netscape.

The wars put the Web in the hands of millions of ordinary PC users, but showed how commercialization of the Web could stymie standards efforts. Both Microsoft and Netscape liberally incorporated proprietary extensions to HTML in their products, and tried to gain an edge by product differentiation, leading to the acceptance of the Cascading Style Sheets proposed by Håkon Wium Lie over Netscape's JavaScript Style Sheets (JSSS) by W3C.

In 1996, Netscape's share of the browser market reached 86% (with Internet Explorer edging up 10%); but then Microsoft began integrating its browser with its operating system and bundling deals with OEMs;, and within two years the trend had reversed. Although Microsoft has since faced antitrust litigation on these charges, the browser wars effectively ended once it was clear that Netscape's declining market share trend was irreversible.

In the second half of 2004 Internet Explorer had reached a peak market share of more than 92% ^[4]. Ever since then, its market share had been slowly but steadily declining to less than 79% (May 2007).

Unable to continue commercially funding the product's development, Netscape responded by open sourcing its product, creating Mozilla. This helped the browser maintain its technical edge over Internet Explorer, but did nothing to slow Netscape's declining market share. The company was purchased by America Online in late 1998. At first, the Mozilla project struggled to attract developers, but by 2002 it had evolved into a relatively stable and powerful internet suite. Mozilla 1.0 was released to mark this milestone. Also in 2002, a spin off project that would eventually become the popular Mozilla Firefox was released. In 2004, Firefox 1.0 was released; Firefox 1.5 was released in November 2005. Firefox 2, a major update, was released in October 2006 and work has already begun on Firefox 3 which is scheduled for release in 2007. In 2006, Mozilla and its derivatives account for approximately 12% of Web traffic.

Opera, an innovative, speedy browser popular in handheld devices, particularly mobile phones, as well as on PCs in some countries was released in 1996 and remains a niche player in the PC Web browser market. It is available on Nintendo's DS, DS Lite and Wii consoles[2]. The Opera Mini browser uses the Presto layout engine like all versions of Opera, but runs on most phones supporting Java Midlets.

The Lynx browser remains popular for Unix shell users and with vision impaired users due to its entirely text-based nature. There are also several text-mode browsers with advanced features, such as w3m, Links (which can operate both in text and graphical mode), and the Links forks such as ELinks.

Prior to the release of Mac OS X, Internet Explorer and Netscape were also the primary browsers in use on the Macintosh platform. However, Apple's Safari, the default browser on OS X from version 10.3 onwards, has since grown to dominate this market. In August 2007, Apple also ported its Safari web browser for use on the Windows XP and Vista operating systems (note that the Windows versions of Safari are still in beta testing). Browsers such as Firefox and Camino are also popular amongst Mac users.

In 2003, Microsoft announced that Internet Explorer would no longer be made available as a separate product but would be part of the evolution of its Windows platform, and that no more releases for the Macintosh would be made. However, in early 2005, Microsoft changed its plans, announcing that version 7 of Internet Explorer was under development. IE 7 was released for Windows XP, Windows Server 2003, and Windows Vista in October 2006.

Internet security

In the computer industry, Internet security refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals without authorization. Most security measures involve data encryption and passwords. Data encryption is the translation of data into a form that is unintelligible without a deciphering mechanism. A password is a secret word or phrase that gives a user access to a particular program or system.

Internet security professionals should be fluent in the four major aspects:

• Penetration testing
• Intrusion Detection .
• Incidence Response
• Legal / Audit Compliance

Routers

Network Address Translation (NAT) typically has the effect of preventing connections from being established inbound into a computer, whilst permitting connections out. For a small home network, software NAT can be used on the computer with the Internet connection, providing similar behaviour to a router, and similar levels of security but for a lower cost and lower complexity.

Firewalls

A firewall blocks all roads and cars through authorized ports on your computer, thus restricting unfettered access. A stateful firewall is a more secure form of firewall, and system administrators often combine a proxy firewall with a packet-filtering firewall to create a highly secure system. Most home users use a software firewall.

Anti-virus

Some people or companies with malicious intentions write programs like computer viruses, worms, trojan horses and spyware. These programs are all characterised as being unwanted software that install themselves on your computer through deception.

Trojan horses are simply programs that conceal their true purpose or include a hidden functionality that a user would not want.

Worms are characterised by having the ability to replicate themselves and viruses are similar except that they achieve this by adding their code onto third party software. Once a virus or worm has infected a computer, it would typically infect other programs (in the case of viruses) and other computers.

Viruses also slow down system performance and cause strange system behavior and in many cases do serious harm to computers, either as deliberate, malicious damage or as unintentional side effects.

In order to prevent damage by viruses and worms, users typically install antivirus software, which runs in the background on the computer, detecting any suspicious software and preventing it from running.

Some malware that can be classified as trojans with a limited payload are not detected by most antivirus software and may require the use of other software designed to detect other classes of malware, including spyware.

[Anti-spyware

Spyware is software that runs on a computer without the explicit permission of its user. It often gathers private information from a users computer and sends this data over the Internet back to the software manufacturer.

Adware is software that runs on a computer without the owner's consent, much like spyware. However, instead of taking information, it typically runs in the background and displays random or targeted pop-up advertisements. In many cases, this slows the computer down and may also cause software conflicts.

Browser choice

Internet Explorer is currently the most widely used web browser in the world,^[1] making it the prime target for phishing and many other possible attacks.